Solved

FTP server on a window 2k3 server

Posted on 2004-09-09
10
2,919 Views
Last Modified: 2009-09-24
I am trying to setup FTP server to have users login to their home directrory when they access ftp. I have setup the ftp site to "isolate users using active directory" and set the home directory path in the active directory profile. I get the following error when trying to login to ftp:
530 user administrator cannot log in, home directory inaccessible.
Login failed.

What could I be missing here?
0
Comment
Question by:jlongjr
10 Comments
 
LVL 34

Expert Comment

by:Dave_Dietz
Comment Utility
What exactly did you set for your user accounts in Active Directory?

Dave Dietz
0
 

Author Comment

by:jlongjr
Comment Utility
In active directory I have set for each user their home directory which resides on the ftp server. I have set, under the profile tab, connect h: to the unc path of the directory. I have shared the folder with the user and administrator.
0
 

Author Comment

by:jlongjr
Comment Utility
Also when I login, from a workstation, the drive is mapped to the user’s home directory that is specified.
0
 

Author Comment

by:jlongjr
Comment Utility
Ok This is going to hurt. I found that you have to modify msIIS-FTPRoot and msIIS-FTPDir properties of the active directory user account, but I don't know how. I will do some more digging and keep this post updated.

John
0
 

Author Comment

by:jlongjr
Comment Utility
On the 2003 server with active directory and the ftp server I type the following commands.
iisftp.vbs /SetADProp jlong FTPRoot D:\Users
iisftp.vbs /SetADProp bart FTPDir \jlong

here is the path of the directory
D:\Users\jlong

It says the properties were set but when I try to ftp into the server and login I still get home directory inaccessable.
???
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 

Author Comment

by:jlongjr
Comment Utility
I am just giving up. I have setup a standard ftp site and set the root as the d:\ and I will use windows folder security to allow or restrict access to specific areas.
Just a note: I have Novell Netware servers running in my environment and the home directory specified in the user’s properties “environment” is automatically the home directory when they ftp into the Netware server. It is set that way by default and it is nice. I think I am going to setup another Netware server instead of using this crappie windows server! All you have to do is load ftp on the Netware server and no configuration is needed. Really, it is that easy!
0
 
LVL 1

Accepted Solution

by:
rifraf1 earned 500 total points
Comment Utility
Jlongjr,

I know how frustrating setting this up can be...  I also have an FTP server with FTP isolation through AD set up.  You were on the right track, but looks like there was one minor problem...

1)  Create the account and password in AD (e.g. username is "bob")
2)  Create the user's FTP directory (e.g. d:\inetpub\bob)
3)  Go to a command prompt
4)  Type:  iisftp /setadprop bob ftproot d:\inetpub
5)  Type:  iisftp /setadprop bob ftpdir bob

That's it...  Now when "bob" logs on, d:\inetpub\bob will be bob's root directory.

I hope this helps.


Rif
0
 
LVL 1

Expert Comment

by:rifraf1
Comment Utility
Oh, and I heard there is supposed to be a snap-in for Active Directory which is supposed to list the FTP home directory in AD users, but I haven't found that one yet....  Why MS didn't include it as part of AD by default is beyond me.  I agree that it would be so much easier, and it just makes sense to include it by default.

Rif
0
 

Expert Comment

by:sygnatech
Comment Utility
Rif,

I followed your procedures and that got me a little farther but cuteFTP will still not connect.  Here is a copy of the log:

            *** CuteFTP 6.0 - build Dec 23 2004 ***

STATUS:>        Getting listing ""...
STATUS:>        Connecting to FTP server 69.151.84.30:21 (ip = 69.151.84.30)...
STATUS:>        Socket connected. Waiting for welcome message...
            220 Microsoft FTP Service
STATUS:>        Connected. Authenticating...
COMMAND:>      USER aramirez
            331 Password required for aramirez.
COMMAND:>      PASS *****
            230 User aramirez logged in.
STATUS:>        Login successful.
COMMAND:>      PWD
            257 "/" is current directory.
STATUS:>        Home directory: /
COMMAND:>      FEAT
            211-FEAT
                SIZE
                MDTM
            211 END
STATUS:>        This site supports features.
STATUS:>        This site supports SIZE.
COMMAND:>      REST 100
            350 Restarting at 100.
STATUS:>        This site can resume broken downloads.
COMMAND:>      REST 0
            350 Restarting at 0.
COMMAND:>      PASV
            227 Entering Passive Mode (69,151,84,30,200,233).
COMMAND:>      LIST
STATUS:>        Connecting FTP data socket 69.151.84.30:51433...
            426 Connection closed; transfer aborted.
ERROR:>         Connection closed; transfer aborted.

I read somewhere else that ports 20 and 21 need to open?  I'm running on Small Business Server 2003.  How do I open port 20 IF that is the cause of this problem.  If not, any suggestions?  Thanks!

-- JW
0
 
LVL 1

Expert Comment

by:rifraf1
Comment Utility
Hi JW,

Unfortunately, I don't use SBS2k3...  But from the log you posted, it appears as though you did successfully connect, but got booted upon attempting to transfer any data (the directory listing).

Just curious, but does your FTP server support passive mode?  Looks like you got booted upon attempting to connect to port 51433.  If your FTP server only supports active mode FTP, and your firewall blocks all ports not specifically opend by a running service, that would boot you as soon as you tried connecting to a port other than 20 or 21.  In active mode, 21 is used for FTP commands, and 20 is used for FTP data.

I'd recommend you check this out...  http://slacksite.com/other/ftp.html

Hope this helps.


Rif

ps. Just outta curiousity, can you connect to your FTP server via command prompt and performa a transfer/directory listing?  I would give this a shot just to eliminate the possibility of it being an issue with CuteFTP.  Also, when connecting via command prompt, make sure you find out if you are connecting via active or passive mode FTP.  If you connect via passive mode, and get booted, it may well just be an active vs. passive issue.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Preface Having the need * to contact many different companies with different infrastructures * do remote maintenance in their network required us to implement a more flexible routing solution. As RAS, PPTP, L2TP and VPN Client connections are no…
I guess it is not common knowledge to most Wintel engineers/administrators: If you have an SNMP-based monitoring system in your environment (and it's common to have SNMP or Syslog) it's reasonably easy to enable monitoring of the Windows Event logs,…
Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now